Re: [RFC PATCH v2 10/44] hw/i386: Initialize TDX via KVM ioctl() when kv

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH v2 10/44] hw/i386: Initialize TDX via KVM ioctl() when kv

From:	Eric Blake
Subject:	Re: [RFC PATCH v2 10/44] hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX
Date:	Thu, 26 Aug 2021 10:06:53 -0500
User-agent:	NeoMutt/20210205-739-420e15

On Wed, Jul 07, 2021 at 05:54:40PM -0700, isaku.yamahata@gmail.com wrote:
> From: Xiaoyao Li <xiaoyao.li@intel.com>
> 
> Introduce tdx_ioctl() to invoke TDX specific sub-ioctls of
> KVM_MEMORY_ENCRYPT_OP.  Use tdx_ioctl() to invoke KVM_TDX_INIT, by way
> of tdx_init(), during kvm_arch_init().  KVM_TDX_INIT configures global
> TD state, e.g. the canonical CPUID config, and must be executed prior to
> creating vCPUs.
> 
> Note, this doesn't address the fact that Qemu may change the CPUID
> configuration when creating vCPUs, i.e. punts on refactoring Qemu to
> provide a stable CPUID config prior to kvm_arch_init().
> 
> Explicitly set subleaf index and flags when adding CPUID
> Set the index and flags when adding a CPUID entry to avoid propagating
> stale state from a removed entry, e.g. when the CPUID 0x4 loop bails, it
> can leave non-zero index and flags in the array.
> 
> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
> Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> ---

> +++ b/qapi/qom.json
> @@ -760,6 +760,18 @@
>              '*cbitpos': 'uint32',
>              'reduced-phys-bits': 'uint32' } }
>  
> +##
> +# @TdxGuestProperties:
> +#
> +# Properties for tdx-guest objects.
> +#
> +# @debug: enable debug mode (default: off)
> +#
> +# Since: 6.0

This should be 6.2

> +##
> +{ 'struct': 'TdxGuestProperties',
> +  'data': { '*debug': 'bool' } }
> +
>  ##
>  # @ObjectType:
>  #
> @@ -802,6 +814,7 @@
>      'secret_keyring',
>      'sev-guest',
>      's390-pv-guest',
> +    'tdx-guest',
>      'throttle-group',
>      'tls-creds-anon',
>      'tls-creds-psk',
> @@ -858,6 +871,7 @@
>        'secret':                     'SecretProperties',
>        'secret_keyring':             'SecretKeyringProperties',
>        'sev-guest':                  'SevGuestProperties',
> +      'tdx-guest':                  'TdxGuestProperties',
>        'throttle-group':             'ThrottleGroupProperties',
>        'tls-creds-anon':             'TlsCredsAnonProperties',
>        'tls-creds-psk':              'TlsCredsPskProperties',

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [RFC PATCH v2 10/44] hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX, Gerd Hoffmann, 2021/08/26
- Re: [RFC PATCH v2 10/44] hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX, Eric Blake <=

Prev by Date: [PATCH v3 2/2] target/ppc: fix vector registers access in gdbstub for little-endian
Next by Date: Re: [RFC PATCH v2 31/44] target/i386/tdx: Allows mrconfigid/mrowner/mrownerconfig for TDX_INIT_VM
Previous by thread: Re: [RFC PATCH v2 10/44] hw/i386: Initialize TDX via KVM ioctl() when kvm_type is TDX
Next by thread: Re: [RFC PATCH v2 15/44] i386/tdx: Add hook to require generic device loader
Index(es):
- Date
- Thread